I'm pretty sure you can do that already. HTTP has authentication, HTTPS gives you content encryption, rate limiting can prevent content scraping, I mean if you really wanted to you could do something with canvas (the hardware acceleration stuff that's being worked on could even make it perform fairly well, I suppose). Its not the same way but it could give the same result.
Well, I'm not particularly familiar with DRM apart from not liking it. What exactly does flash do that makes the DRM-loving lawyers consider it acceptable? From my point of view the kind of control offered by HTTPS and normal browser authentication is enough but the MPAA and RIAA (or the BBC, for that matter) clearly don't agree.